Why Security is so difficult?

Security is difficult for a few reasons, one is to find the balance between security and productivity and second the tech who is setting your company needs to be right 100% and the attacker only 1%.

Lets check first the Balance between security and productivity. You can set high security on a system that it is difficult to work on the system and the production suffer, then the users begin to complaint, so the technician trying to avoid complaints from the users, decide to relax a lot the security and then the system became unsecure and the users are so happy that they type the password 12345 on the system.

Second is your tech needs to be 100% right to avoid any attack, imagine that your tech is securing your server and install a lot of protection and leave by mistake one application with vulnerability on one of the server, the attacker just need to use one vulnerability for that application to have full access to your server or any kind of access.

Fort these reasons security is a continues process to check all your systems to find that vulnerability and work with your company to find the balance between security and productivity.